1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dsoftbusadapter_fuzzer.h"
17
18 #include "singleton.h"
19
20 #include "devicestatus_define.h"
21 #include "dsoftbus_adapter_impl.h"
22 #include "socket_session_manager.h"
23
24 #include "message_parcel.h"
25
26 #undef LOG_TAG
27 #define LOG_TAG "DsoftbusAdapterFuzzTest"
28 namespace OHOS {
29 namespace Msdp {
30 namespace DeviceStatus {
31 #define SERVER_SESSION_NAME "ohos.msdp.device_status.intention.serversession"
32 const uint8_t *g_baseFuzzData = nullptr;
33 size_t g_baseFuzzSize = 0;
34 size_t g_baseFuzzPos = 0;
35 constexpr size_t STR_LEN = 255;
36 constexpr size_t PKG_NAME_SIZE_MAX { 65 };
37 constexpr size_t DEVICE_NAME_SIZE_MAX { 256 };
38
GetData()39 template <class T> T GetData()
40 {
41 T objetct{};
42 size_t objetctSize = sizeof(objetct);
43 if (g_baseFuzzData == nullptr || objetctSize > g_baseFuzzSize - g_baseFuzzPos) {
44 return objetct;
45 }
46 errno_t ret = memcpy_s(&objetct, objetctSize, g_baseFuzzData + g_baseFuzzPos, objetctSize);
47 if (ret != EOK) {
48 return {};
49 }
50 g_baseFuzzPos += objetctSize;
51 return objetct;
52 }
53
SetGlobalFuzzData(const uint8_t * data,size_t size)54 void SetGlobalFuzzData(const uint8_t *data, size_t size)
55 {
56 g_baseFuzzData = data;
57 g_baseFuzzSize = size;
58 g_baseFuzzPos = 0;
59 }
60
GetStringFromData(int strlen)61 std::string GetStringFromData(int strlen)
62 {
63 if (strlen < 1) {
64 return "";
65 }
66
67 char cstr[strlen];
68 cstr[strlen - 1] = '\0';
69 for (int i = 0; i < strlen - 1; i++) {
70 cstr[i] = GetData<char>();
71 }
72 std::string str(cstr);
73 return str;
74 }
75
76 class DSoftbusObserver final : public IDSoftbusObserver {
77 public:
78 DSoftbusObserver() = default;
79 ~DSoftbusObserver() = default;
80
OnBind(const std::string & networkId)81 void OnBind(const std::string &networkId) {}
OnShutdown(const std::string & networkId)82 void OnShutdown(const std::string &networkId) {}
OnConnected(const std::string & networkId)83 void OnConnected(const std::string &networkId) {}
OnPacket(const std::string & networkId,NetPacket & packet)84 bool OnPacket(const std::string &networkId, NetPacket &packet)
85 {
86 return true;
87 }
OnRawData(const std::string & networkId,const void * data,uint32_t dataLen)88 bool OnRawData(const std::string &networkId, const void *data, uint32_t dataLen)
89 {
90 return true;
91 }
92 };
93
EnableFuzzTest(const uint8_t * data,size_t size)94 bool EnableFuzzTest(const uint8_t* data, size_t size)
95 {
96 if ((data == nullptr) || (size < 1)) {
97 return false;
98 }
99 SetGlobalFuzzData(data, size);
100
101 DSoftbusAdapterImpl::GetInstance()->Enable();
102 DSoftbusAdapterImpl::GetInstance()->SetupServer();
103 DSoftbusAdapterImpl::GetInstance()->ShutdownServer();
104 DSoftbusAdapterImpl::GetInstance()->CloseAllSessions();
105 DSoftbusAdapterImpl::GetInstance()->CloseAllSessionsLocked();
106 DSoftbusAdapterImpl::GetInstance()->Disable();
107 return true;
108 }
109
AddObserverFuzzTest(const uint8_t * data,size_t size)110 bool AddObserverFuzzTest(const uint8_t* data, size_t size)
111 {
112 if ((data == nullptr) || (size < 1)) {
113 return false;
114 }
115 SetGlobalFuzzData(data, size);
116
117 std::shared_ptr<IDSoftbusObserver> observer = std::make_shared<DSoftbusObserver>();
118 DSoftbusAdapterImpl::GetInstance()->AddObserver(observer);
119 DSoftbusAdapterImpl::GetInstance()->RemoveObserver(observer);
120 return true;
121 }
122
CheckDeviceOnlineFuzzTest(const uint8_t * data,size_t size)123 bool CheckDeviceOnlineFuzzTest(const uint8_t* data, size_t size)
124 {
125 if ((data == nullptr) || (size < 1)) {
126 return false;
127 }
128 SetGlobalFuzzData(data, size);
129
130 std::string networkId = GetStringFromData(STR_LEN);
131 CircleStreamBuffer circleBuffer;
132
133 DSoftbusAdapterImpl::GetInstance()->CheckDeviceOnline(networkId);
134 DSoftbusAdapterImpl::GetInstance()->CloseSession(networkId);
135 DSoftbusAdapterImpl::GetInstance()->HandleSessionData(networkId, circleBuffer);
136 DSoftbusAdapterImpl::GetInstance()->OpenSessionLocked(networkId);
137 DSoftbusAdapterImpl::GetInstance()->OnConnectedLocked(networkId);
138 return true;
139 }
140
OpenSessionFuzzTest(const uint8_t * data,size_t size)141 bool OpenSessionFuzzTest(const uint8_t* data, size_t size)
142 {
143 if ((data == nullptr) || (size < 1)) {
144 return false;
145 }
146 SetGlobalFuzzData(data, size);
147
148 std::string networkId = GetStringFromData(STR_LEN);
149 DSoftbusAdapterImpl::GetInstance()->OpenSession(networkId);
150 DSoftbusAdapterImpl::GetInstance()->FindConnection(networkId);
151 DSoftbusAdapterImpl::GetInstance()->CloseSession(networkId);
152 DSoftbusAdapterImpl::GetInstance()->CloseAllSessions();
153 return true;
154 }
155
156
SendPacketFuzzTest(const uint8_t * data,size_t size)157 bool SendPacketFuzzTest(const uint8_t* data, size_t size)
158 {
159 if ((data == nullptr) || (size < 1)) {
160 return false;
161 }
162 SetGlobalFuzzData(data, size);
163
164 Parcel parcel;
165 NetPacket packet(MessageId::DSOFTBUS_START_COOPERATE);
166 std::string networkId = GetStringFromData(STR_LEN);
167 DSoftbusAdapterImpl::GetInstance()->SendPacket(networkId, packet);
168 DSoftbusAdapterImpl::GetInstance()->SendParcel(networkId, parcel);
169 DSoftbusAdapterImpl::GetInstance()->BroadcastPacket(packet);
170 DSoftbusAdapterImpl::GetInstance()->HandlePacket(networkId, packet);
171 return true;
172 }
173
InitSocketFuzzTest(const uint8_t * data,size_t size)174 bool InitSocketFuzzTest(const uint8_t* data, size_t size)
175 {
176 if ((data == nullptr) || (size < 1)) {
177 return false;
178 }
179 SetGlobalFuzzData(data, size);
180
181 int32_t socket = GetData<int32_t>();
182 uint32_t dataLen = GetData<uint32_t>();
183 std::string networkId = GetStringFromData(STR_LEN);
184 int32_t *g_data = new int32_t(socket);
185
186 char name[DEVICE_NAME_SIZE_MAX] { SERVER_SESSION_NAME };
187 char pkgName[PKG_NAME_SIZE_MAX] { FI_PKG_NAME };
188 SocketInfo info {
189 .name = name,
190 .pkgName = pkgName,
191 .dataType = DATA_TYPE_BYTES
192 };
193
194 DSoftbusAdapterImpl::GetInstance()->InitSocket(info, socket, socket);
195 DSoftbusAdapterImpl::GetInstance()->ConfigTcpAlive(socket);
196 DSoftbusAdapterImpl::GetInstance()->OnShutdown(socket, SHUTDOWN_REASON_UNKNOWN);
197 DSoftbusAdapterImpl::GetInstance()->OnBytes(socket, g_data, dataLen);
198 DSoftbusAdapterImpl::GetInstance()->HandleRawData(networkId, g_data, dataLen);
199 return true;
200 }
201
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)202 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
203 {
204 /* Run your code on data */
205 if (data == nullptr) {
206 return 0;
207 }
208
209 OHOS::Msdp::DeviceStatus::EnableFuzzTest(data, size);
210 OHOS::Msdp::DeviceStatus::AddObserverFuzzTest(data, size);
211 OHOS::Msdp::DeviceStatus::CheckDeviceOnlineFuzzTest(data, size);
212 OHOS::Msdp::DeviceStatus::OpenSessionFuzzTest(data, size);
213 OHOS::Msdp::DeviceStatus::SendPacketFuzzTest(data, size);
214 OHOS::Msdp::DeviceStatus::InitSocketFuzzTest(data, size);
215 return 0;
216 }
217 } // namespace DeviceStatus
218 } // namespace Msdp
219 } // namespace OHOS